I've tried Fedora, OpenSuSE, Mint Linux and was disgusted by the performance I got on my 900Mhz PIII 320G laptop. Damn Small Linux is nice but would take too much of my time to setup all the apps I would like to use. I just want to browse websites with firefox and look at email and dabble with basic Linux system admin.

I quickly installed Firefox and switched the menu fonts to something reasonable with the GTK theme chooser. Also I enabled the autohide in the .jwmrc-tray file. Afterwords I found the GUI config tool for jwm. Finally I setup my Prism 2 wireless card. All straight forward tasks that are not trivial for new Linux users.

As a long time UNIX user and backup sys admin as far back as 1992, I was a little disturbed puppy defaults to run as root? Now I know how to add users and can set that up , but root as default seems like a poor choice for security. Is there a reason root is the default?

Hope that helps._________________hangout: ##b0rked on irc.freenode.net
diversion:http://alienjeff.net - visit The Fringe
quote: "The foundation of authority is based upon the consent of the people." - Thomas Hooker

What I would like to know is if all those
advocating this type of - Security -
actually shred all their post addressed letters,
bank statements, utilities bills etc
to stop anyone going through their garbage and using
all this freely available info to defraud people.

BTW I did read Barry's response and he does make sense in that puppy is NOT a server and all data except on your sfs files is read only. I just fear people see this and not understanding the unique puppy criteria think its OK for all Linux machines to boot to root.

Thanks for all the details .. and I will be running my browser and eamil client as spot. Thanks!

I'm still waiting for a report - from anyone anywhere, using any Linux distro - of a problem they had that would not have happened had they not been running as root. Without actual experience to analyze, we're just wasting our time guessing the worst that could occur._________________Puppy Help 101 - an interactive tutorial for Lupu 5.25

I'm still waiting for a report - from anyone anywhere, using any Linux distro - of a problem they had that would not have happened had they not been running as root. Without actual experience to analyze, we're just wasting our time guessing the worst that could occur.

i deleted an essential file once, because i am an idiot

i suppose i could have deleted the file in a multi-user system too, but it would have taken longer

Nth hand this one admittedly. But someone attempts to clear out a directory with

Code:

rm -fr *

Problem is, there's some keymap issues, so he actually does

Code:

rm -fr ~

. On this system, root's homedir was /

Bye bye system.

Also I seem to recall there's a gotcha with rm where something can match '..' (the parent directory) unexpectedly.

Finally, I don't have a major problem with puppy defaulting to root. What I have a problem with is it seems to make it inordinately difficult to login as NOT root.

In your if scenario, you are talking about a stupid or possibly an intentionally destructive user.

Don't let stupid users use your computer, they can get their own to mess up.

If it be intentionally destructive, it wouldn't matter what OS or how it was configured. You would pretty well have to put the computer out of access.

For example, some companies have their really important servers and other computers in air conditioned rooms, which only the administrators and probably the owner has keys to._________________New! Puppy Linux Links Page

I still think the best answer is Nathan's tinfoil hat article (BTW he actually converted Grafpup to a multiuser system).

Quote:

I'm still waiting for a report - from anyone anywhere, using any Linux distro - of a problem they had that would not have happened had they not been running as root.

That's pretty much what I say every time someone mentions this.

tw296 - we want real world examples of something someone has done, not theoretical examples of what they can do

Quote:

What I have a problem with is it seems to make it inordinately difficult to login as NOT root.

The reason this is so is because no one has taken the time to make it easier. Perhaps you would like to volunteer? There are some people who would thank you._________________Classic Puppy quotes
-
root: n. the superuser or administrator account that has complete control over everything in the machine. Running as root is a taonga of Puppy Linux users.Last edited by disciple on Wed 07 Oct 2009, 02:51; edited 1 time in total

In your if scenario, you are talking about a stupid or possibly an intentionally destructive user.

Don't let stupid users use your computer, they can get their own to mess up.

It makes sense to accept that anyone, while not stupid, can and will make mistakes. This includes ourselves. And actually, I have hosed my system while running as root - though what I was doing couldn't NOT have been done as root. I was working from a live cd trying to copy everything from my root partition to somewhere else for a backup; naturally, this can't be done from within the system. It failed, so I went to delete it, but was in the original not the backup when I did the rm -fr *. Kerblam.

Also, seeing as how Grafpup is a multiuser system - can't we (by which I mean me if I get the time) backport whatever changes make that possible to Puppy?

EDIT: Yes, Ubuntu's default setup is stupid. I change things so that sudo wants the ROOT password, that should make things a bit more secure (though how much?), though it defeats the real point of sudo - but who uses its full power on desktop systems anyways?
In any case, being 'as secure as Ubuntu' is hardly something to brag about. Remember that openssh bug? Inherited from Debian, true. But it shows that even Free Software can have seriously nasty things lurking in it that don't get picked up.

Making Puppy not run as root would shut up a huge amount of the forum questions. It's easily the most asked question about the distro.

In most distributions, the effort required to not run as root is so minimal that even if the security advantage is small, it's still worth doing. In Puppy that's not the case - running as root requires effort on the user's part, and it's perhaps effort not well spent. But I have yet to see any argument that running as root is MORE secure than not doing so.

In most distributions, the effort required to not run as root is so minimal that even if the security advantage is small, it's still worth doing.

Maybe for you, but for me it is not worth it - I just find it annoying

Quote:

Also, seeing as how Grafpup is a multiuser system - can't we (by which I mean me if I get the time) backport whatever changes make that possible to Puppy?

Well I'm not sure how much would be easy backporting and how much you would have to do from scratch. Grafpup 2 is a lot more different from puppy than Grafpup 1.x (which wasn't multi-user) was, and is also closer to the Puppy 2.x series than 4.x. So it wouldn't be a simple matter of copying and pasting.

I don't think there would be any big disadvantages (size or whatever) in Puppy having multi-user ability, so no one should complain about it.

You might like to:
1. ask around for people that are running Puppy as something other than root, and see what they had to do. There has been at least one forum thread about how to do it, but I don't think it was the sort of complete solution you would want.
2. talk to Nathan and see if he has any more notes or advice.
3. talk to the people working on Puppy. WhoDo is coordinating the next 4.x release, but this might be too big a change for it, so it may have to wait a release. I think there are also people working on new 3.x and 2.x releases, but IMNSHO the future is with 4.x_________________Classic Puppy quotes
-
root: n. the superuser or administrator account that has complete control over everything in the machine. Running as root is a taonga of Puppy Linux users.

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot vote in polls in this forumYou cannot attach files in this forumYou can download files in this forum